package com.oss.service.impl;

import java.util.List;

import org.hibernate.criterion.DetachedCriteria;
import org.hibernate.criterion.Restrictions;
import org.oss.client.dto.BaseRequest;
import org.oss.client.dto.OssSecurityResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;


import com.aliyuncs.exceptions.ClientException;
import com.oss.base.BaseConst;
import com.oss.base.OssMethod;
import com.oss.base.dao.IBaseDao;
import com.oss.base.util.HttpUtil;
import com.oss.service.IEhcacheService;
import com.oss.service.ISecurityService;
import com.oss.service.IUserService;
import com.oss.vo.SysUser;
import com.oss.vo.UserAuth;

@Service("userService")
public class UserServiceImpl implements IUserService{

	@Autowired
	private IBaseDao baseDao;
	@Autowired
	private ISecurityService securityService;
	@Autowired
	private IEhcacheService ehcacheService;
	
	
	@Override
	public SysUser getUserByLoginName(String loginName) {
		try {
			SysUser user = (SysUser) ehcacheService.getCacheElement(loginName);
			
			if(user != null){
				return user;
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		
		
		try {
			DetachedCriteria dc = DetachedCriteria.forClass(SysUser.class);
		    dc.add(Restrictions.eq("loginName", loginName)); 
			
			List<SysUser> users = baseDao.findByCriteria(dc);
			
			if(users != null && users.size() >0){
				try {
					ehcacheService.addToCache(loginName, users.get(0));
				} catch (Exception e) {
					e.printStackTrace();
				}
				return users.get(0);
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		
		
		return null;
	}

	


	@Override
	public OssSecurityResponse getUserSecurity(SysUser user,
			BaseRequest req) {
		
		if(!user.getPwd().equals(req.getPwd())){
			HttpUtil.buildFailedRes(OssSecurityResponse.class,new ClientException(BaseConst.RESPONSE_CODE_NOAUTH, "用户名或密码错误"));
		}
		
		
		for(UserAuth auth:user.getAuths()){
			if(checkAuth(req,auth)){
				return securityService.getStsFromOss(req,auth);
			}
		}
		
		return HttpUtil.buildFailedRes(OssSecurityResponse.class,new ClientException(BaseConst.RESPONSE_CODE_NOAUTH, "访问无权限"));
	}
	
	@Override
	public UserAuth getUserAuth(SysUser user,
			BaseRequest req) {
		
		
		
		for(UserAuth auth:user.getAuths()){
			if(req.getMethod().equals(auth.getAccMethod())){
				return auth;
			}
		}
		
		return null;
	}
	
	
	private OssSecurityResponse buildSuccessRes(UserAuth auth) {
		// TODO Auto-generated method stub
		return null;
	}




	/**
	 * 
	* Title: checkAuth
	* Description: 权限校验
	* @author   wjt
	* @date       2016-2-2
	* @param req
	* @param auth
	* @return
	 */
	private boolean checkAuth(BaseRequest req, UserAuth auth) {
		
		if(!req.getBucket().equals(auth.getBucket())){
			return false;
		}
		
		if(!req.getEndpoint().equals(auth.getEndpoint())){
			return false;
		}
		
		
		if(!req.getMethod().equals(auth.getAccMethod())&&auth.getAccMethod().indexOf(req.getMethod()+",") < 0){
			return false;
		}
		
		for(String path:auth.getAccPath().split(",")){
			if(req.getPath().startsWith(path)){
				return true;
			}
		}
		return false;
	}
	

}
